﻿<?xml version="1.0" encoding="utf-8" ?>
<Rules xmlns="Sherwood.SignOn.Client.UrlFilter">
    <Rule alwaysAllow="true">
        <url>internal.sherwood.codeplex.com</url>
        <hosts>127.0.0.1</hosts>
        <allowRedirectUrl>allowRedirectHost</allowRedirectUrl>
    </Rule>
    <Rule alwaysAllow="true">
        <url>sherwood.codeplex.com</url>
        <users>systemadmin</users>
        <roles></roles>
    </Rule>
    <Rule>
        <url>sherwood.codeplex.com</url>
        <users>.*</users>
        <roles>.*</roles>
    </Rule>
    <Rule>
        <url>secure.sherwood.codeplex.com</url>
        <users>.+</users>
        <roles></roles>
    </Rule>
    <Rule>
        <url>internal.sherwood.codeplex.com</url>
        <users>.+</users>
        <denyRedirectUrl>denyRedirectHost</denyRedirectUrl>
    </Rule>
    <Rule>
        <url>admin.sherwood.codeplex.com</url>
        <users>administrator</users>
        <roles></roles>
    </Rule>
    <Rule alwaysDeny="true">
        <url>edit.sherwood.codeplex.com</url>
        <users></users>
        <roles>under18</roles>
    </Rule>
    <Rule>
        <url>edit.sherwood.codeplex.com</url>
        <users></users>
        <roles>.*editor</roles>
    </Rule>
    <Rule>
        <url>\.jpg(\?.*)?$</url>
        <users></users>
        <roles></roles>
    </Rule>
    <Rule alwaysDeny="true">
        <url>redirect.sherwood.codeplex.com</url>
        <users>denyuser</users>
        <denyRedirectUrl>denyredirect</denyRedirectUrl>
    </Rule>
    <Rule alwaysAllow="true">
        <url>redirect.sherwood.codeplex.com</url>
        <users>allowuser</users>
        <allowRedirectUrl>allowredirect</allowRedirectUrl>
    </Rule>
    <Rule>
        <url>redirect.sherwood.codeplex.com</url>
        <denyRedirectUrl>anyoldurl</denyRedirectUrl>
        <allowRedirectUrl>allowredirect</allowRedirectUrl>
    </Rule>
    <Rule>
        <url>redirect.sherwood.codeplex.com</url>
        <roles>allowrole</roles>
        <denyRedirectUrl>denyredirect</denyRedirectUrl>
        <allowRedirectUrl>allowredirect</allowRedirectUrl>
    </Rule> 
</Rules>